Publish Python packages in Azure Pipelines

Azure Pipelines

Note

Python package publishing in Azure Pipelines is currently in public preview.

You can publish Python packages produced by your build to:

  • Azure Artifacts
  • Other repositories such as https://pypi.org/

To publish Python packages produced by your build, you'll use twine, a widely used tool for publishing Python packages. This guide covers how to do the following in your pipeline:

  1. Install twine on your build agent
  2. Authenticate twine with your Azure Artifacts feeds
  3. Use a custom task that invokes twine to publish your Python packages

Install twine

First, you'll need to run pip install twine to ensure the build agent has twine installed.

- script: 'pip install twine'

Check out the script YAML task reference for the schema for this command.

Authenticate Azure Artifacts with twine

To use twine to publish Python packages, you first need to set up authentication. The Python Twine Authenticate task stores your authentication credentials in an environment variable (PYPIRC_PATH). twine will reference this variable later.

To authenticate with twine, add the following snippet to your azure-pipelines.yml file.

- task: TwineAuthenticate@0
  inputs:
    artifactFeeds: 'feed_name1, feed_name2'
    externalFeeds: 'feed_name1, feed_name2'
  • artifactFeeds: the name of one or more Azure Artifacts feeds within your organization
  • externalFeeds: the name of one or more external connection endpoints, including PyPI or feeds in other organizations in Azure DevOps

Use a custom twine task to publish

After you've set up authentication with the preceding snippet, you can use twine to publish your Python packages. The following example uses a custom command-line task.

- script: 'twine upload -r {feedName/EndpointName} --config-file $(PYPIRC_PATH) {package path to publish}'

Check out the script YAML task reference for the schema for this command.

Tips and FAQs

  • The authentication credentials written into the PYPIRC_PATH environment variable supersede those in your .ini and .conf files.
  1. If you add multiple Python Twine Authenticate tasks at different times in your pipeline steps, each additional build task execution will extend (not override) the existing PYPIRC_PATH environment variable.

  2. Lastly, we strongly recommend NOT checking into source control any credentials or tokens.